﻿// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.


using IdentityServer4;
using IdentityServer4.Models;
using System.Collections.Generic;

namespace idpDemo
{
    public static class Config
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
            };

        /// <summary>
        /// 定义系统中的API资源
        /// </summary>
        /// <returns></returns>
        public static IEnumerable<ApiResource> ApiResources =>

              new List<ApiResource>
            {
                new ApiResource("api1", "api1 server")
            };


        public static IEnumerable<ApiScope> ApiScopes =>
            new ApiScope[]
            {
                new ApiScope("scope1"),
                new ApiScope("scope2"),
                new ApiScope("scope3"),
            };

        public static IEnumerable<Client> Clients =>
            new Client[]
            {
                // m2m client credentials flow client
                new Client
                {
                    ClientId = "m2m.client",
                    ClientName = "Client Credentials Client",

                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) },

                    AllowedScopes = { "scope1" }
                },
                   // m2m client credentials flow client
                new Client
                {
                    ClientId = "pwd.client",
                    ClientName = "Client password Client",

                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
                    ClientSecrets = { new Secret("password".Sha256()) },

                    AllowedScopes = { "scope2" }
                },


               // interactive client using code flow + pkce
                new Client
                {
                    ClientId = "mvc.client",
                    ClientSecrets = { new Secret("mvc.secret".Sha256()) },

                    AllowedGrantTypes = GrantTypes.CodeAndClientCredentials,

                    RedirectUris = { "https://localhost:6007/signin-oidc" },
                    FrontChannelLogoutUri = "https://localhost:6007/signout-oidc",
                    PostLogoutRedirectUris = { "https://localhost:6007/signout-callback-oidc" },
                    AccessTokenLifetime=60,
                    AllowOfflineAccess = true,
                    AlwaysIncludeUserClaimsInIdToken=true,
                    AllowedScopes = {
                        "scope3",
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile

                    },
                },
                  // interactive client using code flow + pkce
                new Client
                {
                    ClientId = "api.client",
                    ClientSecrets = { new Secret("api.secret".Sha256()) },

                    AllowedGrantTypes = GrantTypes.Implicit,

                    RedirectUris = { "https://localhost:6008/signin-oidc" },
                    FrontChannelLogoutUri = "https://localhost:6008/signout-oidc",
                    PostLogoutRedirectUris = { "https://localhost:6008/signout-callback-oidc" },
                    AccessTokenLifetime=60,
                    AllowOfflineAccess = true,
                    AlwaysIncludeUserClaimsInIdToken=true,
                    AllowedScopes = {
                        "scope3",
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile

                    }
                },
            };
    }
}